Month: November 2006

Hello, This is Christopher Budd. I wanted to follow up our posting on the November 2006 Monthly Bulletin release to let folks know that MS06-071 has been made available for SUS 1.0. Those of you who are SUS 1.0 administrators should begin to see those updates show up for your approval. Thanks. Christopher *This posting…

Hello, This is Adrian Stone. I wanted to let you know that we just posted Microsoft Security Advisory (928604). Microsoft is aware of public proof of concept code targeting the vulnerability addressed by security update MS06-070. At this time Microsoft has not seen any indications of active exploitation of the vulnerability. We’re tracking this issue through our Software…

Hey folks – Mike Reavey here. I wanted to let you know we’ve released our security bulletins for the month of November 2006 here today. We’re releasing six new security bulletins today: · Microsoft Windows (MS06-066) · maximum severity rating of Important · vulnerabilities could allow an attacker to remotely take complete control of an…

Hi everyone. Brian and Jonathan, software security engineers from the SWI team here. Alexandra Huft from the MSRC team asked us to write a guest blog entry giving an update into the technical investigation of the PowerPoint 2003 proof-of-concept code published a few weeks ago which was previously blogged about here (http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx). The short…

Hello, This is Christopher Budd, program manager here at the MSRC. It’s the Thursday before the second Tuesday and so I wanted to go ahead and let people know that we’ve posted our Advance Notification for November 2006 Microsoft Monthly Security Bulletin Release. Next Tuesday, on Nov. 14, 2006 at approximately 10:00 am PT we are…

Hello, Ben Richeson here. I wanted to let you know that we just posted Microsoft Security Advisory (927892) about our investigation of public reports of a vulnerability in the XMLHTTP 4.0 ActiveX Control, part of Microsoft XML Core Services 4.0 on Windows. We are aware of limited attacks that are attempting to use the reported vulnerability. We’re tracking this…